SE16 / SE16N / SE16H Data Browser
The typical tasks of system support and administration of an SAP landscape, regardless of whether it is 2-tier or multi-level, include the following
SAP offers a huge toolbox of different technologies to support business processes. The usefulness of their use is essentially determined by the task and its technical requirements. We have gained a lot of valuable experience in the following technologies, which we would like to make available to you.
SAP, as one of the world's leading software providers with over 100,000 employees, is a central component of the system landscape for many companies. Due to the many different modules, such as "Finance" and "Human Capital Management", as well as the wide range of customization options, a broad field of professions and possible areas of activity has opened up here in almost 50 years.
What has changed in the past ten years and what can we expect in the next ten? How will they affect the requirements profile of SAP Basis experts and how can they adapt to them?
However, the tasks also include strategic and planning aspects. For example, administrators define requirements and standards, select and control upgrades or enhancements, implement monitoring processes, and take care of necessary backups and emergency management.
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
They should all be marked and deleted until the view is empty again.
The website www.sap-corner.de offers many useful information about SAP basis.
A trick often used by administrators is to allow for time buffers before starting the next job.